HackDig : Dig high-quality web security articles for hacker

What happened?
On October 24th we observed notifications of mass attacks with ransomware called Bad Rabbit. It has been targeting organizations and consumers, mostly in Russia but there have also been reports of victims in Ukraine. Here’s what a ransom message looks like for the unlucky victims:
What is Bad Rabbit?
Bad Rabbit is a previously unknown r

One good thing about having a lot of Facebook friends is that you simply act as a honey pot when your friends click on malicious things. A few days ago I got a message on Facebook from a person I very rarely speak to, and I knew that something fishy was going on.
After just a few minutes analyzing the message, I understood that I was just peeking at the top

After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made.
This supports the theory that this malware campaign was not designed as a ransomware attack for financial gain. Instead, it appears it was designed as a wiper prete

Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. If you were one of the unfortunate victims, this screen might look familiar:
Kaspersky Lab solutions successfully stop the attack through the System Watcher component. This te

Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world. In these attacks, data is encrypted with the extension “.WCRY” added to the filenames.
Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows. This

Around July last year, more than 100 Israeli servicemen were hit by a cunning threat actor. The attack compromised their devices and exfiltrated data to the attackers’ command and control server. In addition, the compromised devices were pushed Trojan updates, which allowed the attackers to extend their capabilities. The operation remains active at t

On January 10, 2017, a court order was declassified by the Italian police, in regards to a chain of cyberattacks directed at top Italian government members and institutions.
The attacks leveraged a malware named “EyePyramid” to target a dozen politicians, bankers, prominent freemasons and law enforcement personalities in Italy. These included Fab

From November 8 to 12, websites of some of the largest Russian banks fell victim to heavy DDoS attacks. Initially, there was no indication of anything unusual – all well-known banks get attacked from time to time – but further developments have evolved in a manner that allowed us to suggest a high level of organization in regards to the series of

One careless employee is all it takes to take down a company, as a recent incident report from the Exploratorium Museum reveals. The incident in question took place on September 6, when an employee of the Museum of Science, Art, and Human Perception in San Francisco, also known as the Exploratorium, fell for a well-crafted spear-phishing email. Early in the mo

The Ethereum network suffered from a computational DDoS attack yesterday when an unknown actor had leveraged a recently disclosed security issue to slow down Ether transactions. The attacker had carried out multiple Ether transactions that caused miners, servers that process transactions, to launch 50,000 additional queries on the Ethereum network before vali

The website of the Ammyy Admin remote desktop management tool has been compromised to spread malware for the God-knows-what time in the past year. Softpedia detected that something was wrong after we started receiving worrisome comments from our readers on two articles detailing past infections of the Ammyy Admin website. “[D]ownloaded the ammyy r

Israeli police arrested on Thursday two 18-year-olds, Itay Huri and Yarden Bidani, the alleged owners of a DDoS-for-Hire service named vDos, recently exposed by infosec journalist Brian Krebs. According to local newspaper TheMarker, police released both on a $10,000 bond on Friday, prohibiting both from using their computers and phones. On the same day, massiv

An unnamed website has been at the end of a ferocious Layer 7 DDoS attack that involved traffic from over 47,000 distinct IP addresses, most of which belonged to IoT (CCTV) devices, home routers, and compromised Linux servers. Sucuri, a US web security vendor who was called in to mitigate the incident, says the attack reached a whopping 120,000 requests per s

Since March 2015, a well-organized cyber-crime syndicate has targeted more than 130 companies in over 30 countries for the purpose of industrial espionage. The vast majority of the victims are small to medium companies (30-300 employees) operating in the industrial sector. According to cyber-security vendor Kaspersky Lab, the group, which they named Operation

Steemit, a relatively small social network, announced last Thursday, July 14, that an unknown attacker had managed to hack its network and steal some of its users' funds. Steem is a new kind of technology that powers the Steemit social network and works by rewarding users who post popular content with Steem Power and Steem Dollars, a custom crypto-cu